8dc29ab52b2680b333b6c1f86a2439fad2dec6d8e234fc95b8240ce6dbf50822[.]zip | Triage

Sharing

General

Target

8dc29ab52b2680b333b6c1f86a2439fad2dec6d8e234fc95b8240ce6dbf50822.zip
Size

783KB
MD5

2b864cac8c50a5451111d7ee3eb00cf1
SHA1

4778b879cd623ef703cf4869b76e986eac469a93
SHA256

8dc29ab52b2680b333b6c1f86a2439fad2dec6d8e234fc95b8240ce6dbf50822
SHA512

74ffb32e0ed2e51d8d0a122d577c11b52f195f15d23de0c41ea3e782aef2b462c42a11c15891d4efca72acb2d16be896d0d92bb663af01e52f09bfa8d177e65b
SSDEEP

24576:0Bu8TWqWiG9sxVLuYhvJL9GNLCybyz5vAI2HkHies/wx7/:S/WrSuYhaLCybyz5rwF/wh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PO-000001488.exe

Files

8dc29ab52b2680b333b6c1f86a2439fad2dec6d8e234fc95b8240ce6dbf50822.zip
.zip
PO-000001488.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 863KB - Virtual size: 862KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ